We're running a Windows Server 2008 with IIS 7. I need to use SSL 3.0 for our PCI compliance but from what I was told, we should disable SSL 2.0. But if I need to do this, will IIS automatically use SSL 3.0? Thanks!

In our PCI compliance scan, we still have this vulnerability in our website: Synopsis : The remote web server is affected by an information disclosure vulnerability. Description : The remote host appears to be running a version of IIS which allows remote users to determine which authentication...

Does anyone know what's the best web application firewall (WAF) for IIS? Also, is it useful for blocking attacks against poorly written code? I understand that WAF is required by PCI DSS so our organization needs to get one.

One of our clients is currently having their website validated so they can accept credit card payments on their site. One of the biggest failures they got back was that they're leaking the internal IP address. But they are running IIS 7.0, which we thought wouldn't do that. We checked the headers...

Our website just failed a PCI Compliance check. Our report said the site supported weak ciphers. But we thought we disabled that by turning off the SSL on our web servers. What else we need to check? Should we look at the load balancer? Thank you very much!

We are using a web application that was created by one of our SW engineers. There is a lot of IIS config and additional programs needed to run this app from localhost on each machine. I decided to configure our Terminal Server to be able to run this App so I could have people log on to that instead...

I have a new windows 7 Pro. After configuring the IIS and setting up virtual directories, I tried to run a test page, but I keep getting the following error message. HTTP Error 404.3 - Not Found The page you are requesting cannot be served because of the extension configuration. If the page is a...

OWA fails about every four weeks. Our Exchange 2003's OWA fails every four weeks and we need to reboot the Exchange Server in order for it to work again. When we look at the IIS service it is running. Any clues?

Hi, I am looking into networks of a small firm. Last week I successfully loaded intranet for my own company for its employees. Now I want people to upload files and folder via that intranet to some shared folders. I am totally clueless how and where to approach. Please help. I have uploaded my...

For the Outlook Web Access, I've got 2 ways to access it. They are internal access (https://mailgate/....) and external access (https://webmail/....). However, I will get the certificate warning either Internal or External access. the cause is the certicate name is different from the FQDN in the...

I had some issues with IIS and had to delete and rebuild the virtual servers associated with Exchange. This all went fine and I can now access OWA just fine but I am not given the OWA login screen. Instead I get a standard windows login screen. I have encryption setup and it does open an https...

I am trying to set up Outlook Web Access (OWA) for our external users. However, so far, I am only able to use OWA internally. I am working with Windows Server 2003, Exchange Server 2003 and Microsoft Internet Information Services (IIS) 6.0. I have one back-end Exchange server in my organization and...

My Organisation needs to deploy Internet independent Updating system on our Antivirus program (we use McAfee Total Protection-Enterprise edition). For this to work, there must be a relay server. Now, I learned any computer system on the Network can be upgraded to a relay server. So, my question is,...

I am new to Citrix Metaframe. Recently I had a virus attack and My Citrix server crushed. I have re-installed all the necessary services and also installed Citrix Metaframe 4.0. I have published applications on a myfarm and I can open then in Citrix program neighborhood. The problem comes when I...

To follow this tag...

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy